Chris Coleman | 2 Mar 2002 06:52

Daemon News Magazine Issue #6 Now Available


Daemon News is pleased to announce the winter quarter issue of the
print magazine.

As always, this issue delivers insightful BSD articles and exceptional 
graphics which do not appear anywhere on the Internet, as well as 
reprints from the FreeBSD Diary, BSD <at> Work, and Daemon News Ezine.

This issue is already on its way to current subscribers, and many of 
you may have already received it. My copy arrived in the mail today!

Also new is the availability of a pdf of the entire issue. When 
ordering on-line, a zipped PDF can be downloaded immediately; of course 
a hardcopy will be mailed to you as well.

Table of Contents:

  Getting to the source of Mac OS X 
  Scanning e-mail for viruses with Kaspersky 
  FreeBSD Diary: Upgrading Ports 
  OpenBSD PF How-To 
  Book Review: FreeBSD Unleashed 
  Dual Booting NetBSD and Mac OS X 
  Embedded BSD 

You can order from:

  http://www.bsdmall.com/magazines.html

Magazine Subscriptions are available here:

Markus Friedl | 7 Mar 2002 12:56

OpenSSH Security Advisory (adv.channelalloc)


1. Systems affected:

	All versions of OpenSSH between 2.0 and 3.0.2 contain
	an off-by-one error in the channel code.

	OpenSSH 3.1 and later are not affected.

2. Impact:

        This bug can be exploited locally by an authenticated user
        logging into a vulnerable OpenSSH server or by a malicious
        SSH server attacking a vulnerable OpenSSH client.
	
3. Solution:

	Upgrade to OpenSSH 3.1 or apply the following patch.

4. Credits:

	This bug was discovered by Joost Pol <joost <at> pine.nl>

Appendix:

Index: channels.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/channels.c,v
retrieving revision 1.170
retrieving revision 1.171
diff -u -r1.170 -r1.171

Markus Friedl | 7 Mar 2002 12:55

OpenSSH 3.1 released

OpenSSH 3.1 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.

We would like to thank the OpenSSH community for their continued
support and encouragement.

Important Changes:
==================

- /etc/ssh/ now default directory for keys and configuration files
- ssh-keygen no longer defaults to a specific key type (rsa1);
  use ssh-keygen -t {rsa,dsa,rsa1}
- sshd x11 forwarding listens on localhost by default;
  see sshd X11UseLocalhost option to revert to prior behaviour
  if your older X11 clients do not function with this configuration

Other Changes:
==============

- ssh ~& escape char functions now for both protocol versions
- sshd ReverseMappingCheck option changed to VerifyReverseMapping
  to clarify its function; ReverseMappingCheck can still be used
- public key fingerprint is now logged with LogLevel=VERBOSE
- reason logged for disallowed logins (e.g., no shell, etc.)
- more robust error handling for x11 forwarding
- improved packet/window size handling in ssh2
- use of regex(3) has been removed

Theo de Raadt | 26 Mar 2002 18:42

sparc64 flag day

The sparc64 just underwent a flag day.  The memory model has been changed.

There will be no upgrade from 3.0 to 3.1 on the sparc64.  You must
reinstall, due to the binaries having been changed in fiddly internal
ways.  Just reinstall.  You could very carefully upgrade, but then
other issues might happen, like packages you are using, etc.

So just reinstall if you have a sparc64, ok?  You will be happy.  Some
compiler bugs are fixed as a result!

